InfoWorld

Using Generic ‘log’ Methods in Java Logging

When developing Java applications, it is easy to get used to invoking logging on the provided logger via its log level-specific methods. For example, Log4j‘s Logger provides methods such as ...
GIGAZINE

Why does the vulnerability 'Log4Shell (CVE-2021-44228)' found in Java's Log4j library have a major impact on the world?

A version of Apache Log4j, a Java log output library, that fixes the zero-day vulnerability 'CVE-2021-44228 ', commonly known as ' Log4Shell ', for remote code execution will be released on December ...
InfoQ

LOGBack: Evolving Java Logging

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. This article dives into the happens-before ...
ZDNet

AWS's AI code reviewer now spots Log4Shell-like bugs in Java and Python code

Amazon Web Services (AWS) has updated the 'detectors' in its CodeGuru Reviewer tool to seek out log injection flaws like the recently disclosed Log4Shell bug in the popular Java logging library Log4J.
ZDNet

Exception handling: The good, the bad, and the ugly

Even though exception handling is common and every introductory Java course covers it, I still don't think we really know how to do it well. It is almost as if the general concept is still evolving ...
Financial Post

It could take years for applications using vulnerable version of Java log4j library to be patched, says expert

Infosec leaders around the world are being urged to heed warnings from national computer emergency teams, software suppliers and cybersecurity experts about a critical logging-related vulnerability in ...
AppleInsider

Critical 'Log4J' Java flaw being used to deliver malware, crypto-miners

A critical flaw in a popularly used Java library is being exploited by malicious actors to deliver malware, while security researchers are scanning for vulnerable servers. The flaw and a ...